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1 Security and eliability: A feather-weight virtual machine for windows applications 
Jj^ Yang Yu, Fanglu Guo, Susanta Nanda, Lap-chung Lam, Tzi-cker Chiueh 
>r June 2006 Proceedings of the second international conference on Virtual execution 
environments VEE '06 
Publisher: ACM Press 

Full text available: ^ pdfd 92.18 KB) Additional Information: full citation , abstract , references , index terms 

Many fault-tolerant and intrusion-tolerant systems require the ability to execute unsafe 
programs in a realistic environment without leaving permanent damages. Virtual machine 
technology meets this requirement perfectly because it provides an execution environment 
that is both realistic and isolated. In this paper, we introduce an OS level virtual machine 
architecture for Windows applications called Feather-weight Virtual Machine (FVM), under 
which virtual machines share as many resources ... 

Keywords: copy on write, mobile code security, namespace virtualization, system call 
interception, virtual machine 



2 Digital preservation: A semi-automated digital preservation system based on 
<H> semantic web services 

Jane Hunter, Sharmin Choudhury 

June 2004 Proceedings of the 4th ACM/IEEE-CS joint conference on Digital libraries 
JCDL '04 

Publisher: ACM Press 

Full text available: fij pdf(357.74 KB) Additional Information: full citation, abstract , references , citings , index 

terms 

This paper describes a Web-services-based system which we have developed to enable 
organizations to semi-automatically preserve their digital collections by dynamically 
discovering and invoking the most appropriate preservation service, as it is required. By 
periodically comparing preservation metadata for digital objects in a collection with a 
software version registry, potential object obsolescence can be detected and a notification 
message sent to the relevant agent. By making preservation so ... 

Keywords: digital preservation, semantic web services 
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Thomas Raffetseder, Engin Kirda, Christopher Kruegel 

May 2007 Proceedings of the Third International Workshop on Software Engineering 
for Secure Systems SESS '07 

Publisher: IEEE Computer Society 

Full text available: ^ pdfd 94.57 KB) Additional Information: full citation , abstract 

Phishing is an online identity theft that aims to steal sensitive information such as user 
names, passwords, and credit card numbers. Although phishing is a simple social 
engineering attack, it has proven to be surprisingly effective. Hence, the number of 
phishing scams is continuing to grow, and the costs of the resulting damages is increasing. 
Researchers as well as the IT industry have identified the urgent need for anti-phishing 
solutions and recently, a number of solutions to mitigate phish ... 

Keywords: Phishing, Security, Browser Helper Objects, .NET, Internet Explorer, Firefox 



4 Break the hardware upgrade cycle with Win4Lin windows virtual server 
Jon Watson 

February 2007 Linux Journal volume 2007 issue 154 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: jjj] html(2Q1,91 KB) Additional Information: full citation , abstract , index terms 
Windows on many Linux clients. 



5 Automating windows security: building a security CD 
Dan Albrich 

November 2005 Proceedings of the 33rd annual ACM SIGUCCS conference on User 
services SIGUCCS '05 

Publisher: ACM Press 

Full text available: ^ pdf(228.23 KB) Additional Information: full citation , abstract , index terms 

The last two years have seen more virus and spyware activity on Windows computers than 
the preceding fifteen years. Blaster and Welchia wreaked havoc in the fall of 2003 because 
most of us had never seen a computer be infected through simple connection to the 
Internet. While an individual computer support person has the knowledge to disinfect a 
computer, the automation of that process is critical to handling thousands of users with 
limited support staff.' Our CD method allows us to update, patch, ... 

Keywords: automated security, custom CD-ROM, patch management, scripting 




6 A formal framework for component deployment 
^ Yu David Liu, Scott F. Smith 

October 2006 ACM SIGPLAN Notices , Proceedings of the 21st annual ACM SIGPLAN 
conference on Object-oriented programming systems, languages, and 
applications OOPSLA '06, Volume 41 Issue 10 
Publisher: ACM Press 

Full text available: ^) pdf(592.54 KB) Additional Information: full citation , abstract , references , index terms 

Software deployment is a complex process, and industrial-strength frameworks such 
as .NET, Java, and CORBA all provide explicit support for component deployment. 
However, these frameworks are not built around fundamental principles as much as they 
are engineering efforts closely tied to particulars of the respective systems. Here we aim 
to elucidate the fundamental principles of software deployment, in a platform-independent 
manner. Issues that need to be addressed include deployment unit design ... 
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Hal Berghel 

December 2003 Communications of the ACM, volume 46 issue 12 n 
Publisher: ACM Press 

Full text available: pdf(101.12 KB) 

L * 00 ' Additional Information: full citation , abstract , index terms 
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August 2003: SoBig, W32/Blaster, and the malware month of the millennium. 

8 Forum: Forum Z . ' H 

Diane Crawford 

October 2003 Communications of the ACM, Volume 46 issue 10 
Publisher: ACM Press 
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9 Secure routing and firewall: Identity-based registry for secure interdomain routing I I 
E-yong Kim, Klara Nahrstedt, Li Xiao, Kunsoo Park 

March 2006 Proceedings of the 2006 ACM Symposi um on Information, computer and 

communications security ASIACCS '06 
Publisher: ACM Press 

Full text available: ^| pdf(320.80 KB) Additional Information: full citation , abstract , references , index terms 

The current Internet has no secure way to validate the correctness of the routing 
information. We suggest a mechanism that supports secure validation of routing 
information in the interdomain routing protocol of the Internet. Our mechanism focuses on 
alleviating obstacles which previously prevent the complete and correct construction of the 
Internet routing information. In particular, we propose an identity-based Registry with 
Authorized and Verifiable Search (RAVS) so that routing inform ... 

Keywords: authorized search, identity-based registry, verifiable search 




10 Integration of DCE and local registries: design approaches 
Ping Lin, Sekar Chandersekaran 

December 1993 Proceedings of the 1st ACM conference on Computer and 

communications security CCS '93 
Publisher: ACM Press 

Full text available: ^ pdf(470.34 KB) Additional Information: full citation , abstract , references , index terms 

When DCE is implemented on an existing operating system platform, its security facilities 
need to be integrated with the local security facilities on that platform. One key task in this 
effort is the integration of the DCE registry and the local security registry. This paper 
discusses the requirement for registry integration, and considers alternative approaches to 
a number of major structural issues that arise when integrating the DCE registry with local 
registries, including: < ... 

11 SybilGuard: defending against sybil attacks via social networks 
Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman 
August 2006 ACM SIGCOMM Computer Comm unication Review , Proceedings of the 
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2006 conference on Applications, technologies, architectures, and 
protocols for computer communications SIGCOMM '06, volume 36 issue 4 
Publisher: ACM Press 

Full text available* f£\ odf(372 47 KB) Additional Information: full citation , abstract , references , cited by . index 

: . terms 

Peer-to-peer and other decentralized, distributed systems are known to be particularly 
vulnerable to sybil attacks. In a sybil attack,a malicious user obtains multiple fake 
identities and pretends to be multiple, distinct nodes in the system. By controlling a large 
fraction of the nodes in the system,the malicious user is able to "out vote" the honest 
users in collaborative tasks such as Byzantine failure defenses. This paper presents 
SybilCuard, a novel protocol for limiting the co ... 

Keywords: social networks, sybil attack, sybil identity, sybilGuard 

12 Scalable Grid Service Discovery based on UDDl I I 

A Sujata Banerjee, Sujoy Basu, ShishirGarg, Sukesh Garg, Sung-Ju Lee, Pramila Mullan, 
^ Puneet Sharma 

November 2005 Proceedings of the 3rd international workshop on Middleware for grid 
computing MGC '05 

Publisher: ACM Press 

Full text available: ^] pdf(391.56 KB) Additional Information: full citation , abstract , references , index terms 

Efficient discovery of grid services is essential for the success of grid computing. The 
standardization of grids based on web services has resulted in the need for scalable web 
service discovery mechanisms to be deployed in grids Even though UDDI has been the de 
facto industry standard for web-services discovery, imposed requirements of tight- 
replication among registries and lack of autonomous control has severely hindered its 
widespread deployment and usage. With the advent of grid computing t ... 

Keywords: DHT, MDS, UDDI, discovery, grid computing, web services 



13 A service-oriented monitorin g registry I I 
Bahman Kalali, Paulo Alencar, Don Cowan 

October 2003 Proceedings of the 2003 conference of the Centre for Adva need Studies 
on Collaborative research CASCON '03 

Publisher: IBM Press 

Full text available* t^l pdf(217.87 KB) Addit ' ona ' Information: full citation , abstract , references , citings , index 

terms 

Web services are software modules that expose their functionality over the Internet via 
well-defined interfaces. Although Web services are promising technologies in that they 
facilitate application-to-application communication over the Internet, they still rely on 
traditional distributed computing communication models such as the remote procedure 
call, in which a Web service requestor needs to have complete knowledge of a Web service 
provider interface. If a Web service requestor did not use the ... 

14 Communication technology II - Internet services, and architectures: A query Q 
federation of UDDI registries 

Pornpong Rompothong, Twittie Senivongse 

September 2003 Proceedings of the 1st international symposium on Information and 
communication technologies ISICT '03 

Publisher: Trinity College Dublin 

Full text available: ^ pdf(289.96 KB) Additional Information: full citation , abstract , references 
Cooperation between multiple service registries is a desirable feature for large-scale 



http://portal.acm.org/results.cfm^ 7/3/2007 



Results (page 1): InstallShield "CurrentVersion" registry key 



Page 5 of 6 



distributed systems where there are several instances of such registries housing 
advertisement entries for various businesses and services. By federating service registries, 
advertisement entries in one registry can be discovered by service consumers who query 
via other remote registries. This paper presents an extension for a query federation of 
UDDI registries within Web Service environment. This allows quer ... 

Keywords: UDDI, Web service, federation, service discovery 



15 Response to "Problems with DCE security services" 
WJ Walter Tuvel I 

April 1996 ACM SIGCOMM Computer Comm unication Review, Volume 26 issue 2 
Publisher: ACM Press 

Full text available: fg) pdf(1.01 MB) Additional Information: full citation , index terms 
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16 Industrial sessions: beyond relational tables: An ebXML infrastructure implementation Q 
<g> throu g h UDDI re g istries and RosettaNet PIPs " 
^ Asuman Dogac, Yusuf Tambag, Pinar Pembecioglu, Sait Pektas, Gokce Laleci, Gokhan Kurt, 

Serkan Toprak, Yildiray Kabak 

June 2002 Proceedings of the 2002 ACM SIGMOD i nternational conference on 
Management of data SIGMOD '02 

Publisher: ACM Press 

Full text available- fi3 pdf(125MB) Additional Information: full citation , abstract , references , citings, index 
' terms 

Today's Internet based businesses need a level of interoperability which will allow trading 
partners to seamlessly and dynamically come together and do business without ad hoc 
and proprietary integrations. Such a level of interoperability involves being able to find 
potential business partners, discovering their services and business processes, and 
conducting business "on the fly". This process of dynamic interoperation is only possible 
through standard B2B frameworks. Indeed a number of B2B ele ... 

17 Session 2: secure Web services: UDDI and WSDL extensions for Web service: a HI 
^ security framework 

^ Carlisle Adams, Sharon Boeyen 

November 2002 Proceedings of the 2002 ACM workshop on XML security XMLSEC '02 
Publisher: ACM Press 

Full text available- fifl pdf(91 22 KB) Additional Information: full citation , abstract , references , citings, index 
' terms , review 

This paper outlines a framework for implementing security for Web Services by extending 
UDDI and WSDL. The framework includes security of UDDI itself, security of Web services 
transactions, and linkages with existing infrastructures outside UDDI. Extensions to the 
schema for both UDDI and WSDL are identified, as well as extensions to the security of 
thepublication and discovery mechanism itself. 

Keywords: UDDI, WSDL, XML schema, security, standards 



18 The design and performance of a pluggable protocols framework for real-time 
distributed object computing middleware 

Carlos O'Ryan, Fred Kuhns, Douglas C. Schmidt, Ossama Othman, Jeff Parsons 
April 2000 IFIP/ACM International Conference on Distributed systems platforms 
Middleware 'OO 
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Publisher: Springer-Verlag New York, Inc. 

Full text available: |E| -pdf(231.64 KB) Additional Information: full citation , abstract , references , citings 

To be an effective platform for performance -sensitive real-time and embedded 
applications, off-the-shelf CORBA middleware must preserve the communication-layer 
quality of service (QoS) properties of applications end-to-end. However, the standard 
CORBA GIOP/HOP interoperability protocols are not well suited for applications that cannot 
tolerate the message footprint size, latency, and jitter associated with general-purpose 
messaging and transport protocols. It is essential, therefore, to de ... 

19 Lang uage design and implementation: Explicitly distributed AOP using AWED I I 

Jfa Luis Daniel Benavides Navarro, Mario Sudholt, Wim Vanderperren, Bruno De Fraine, Davy 
Suvee 

March 2006 Proceedings of the 5th international conference on Aspect-oriented 
software development AOSD '06 

Publisher: ACM Press 

Full text available: ^ pdf(373.80 KB) Additional Information: full citation , abstract, references , cited by„ index 
^ terms 

Distribution-related concerns, such as data replication, often crosscut the business code of 
a distributed application. Currently such crosscutting concerns are frequently realized on 
top of distributed frameworks, such as EJBs, and initial AO support for the modularization 
of such crosscutting concerns, e.g., JBoss AOP and Spring AOP, has been proposed. Based 
on an investigation of the implementation of replicated caches using JBoss Cache, we 
motivate that crosscutting concerns of distrib ... 

Keywords: AWED, aspects, distributed execution, distributed language constructs, 
remote pointcuts 



20 Discussion paper: privacy-preserving distributed queries for a clinical case research I I 
network 

Gunther Schadow, Shaun J. Grannis, Clement J. McDonald 

December 2002 Proceedings of the IEEE international conference on Privacy, security 
and data mining - Volume 14 CRPIT '14 

Publisher: Australian Computer Society, Inc. 

Full text available: t£l pdf(181 41 KB) Additional Information: full citation , abstract , references , citings, index 
te***-* : terms 

We present the motivation, use-case and requirements of a clinical case research network 
that would allow biomedical researchers to perform retrospective analysis on de-identified 
clinical cases joined across a large scale (nationwide) distributed network. Based on semi- 
join adaptive plans for fusion-queries, in this paper we discuss how joining can be done in 
a way that protects the privacy of the individual patients involved. Our method is based on 
a cryptographically strong keyed-hash algorit ... 

Keywords: distributed databases, privacy, record linkage, semi-join 
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